Symantec: Polymorphic Malware Increased in September

Yesterday Symantec released its Intelligence Report for September 2011, which states that polymorphic malware rose from 18% in August to 72% in September.

“This unprecedented high-water mark underlines the nature by which cyber criminals have escalated their assault on businesses in 2011, fully exploiting the weaknesses of more traditional security countermeasures,” revealed Paul Wood, senior intelligence analyst at Symantec.

While spam remains at somewhat normal levels, the number of social engineering attempts has risen, and new methods of spreading viruses were discovered, such as email masquerading as a message sent from a printer inside the company.

“The idea of an office printer sending malware is perhaps an unlikely one, as printers and scanners were not actually used in these attacks, but perhaps this sense of security is all that is required for such a socially engineered attack to succeed in the future,” Wood further revealed.

The use of JavaScript is again a popular trend among hackers. According to the analyst, “JavaScript is popularly used for redirecting visitors of a compromised Web site to the spammers' landing page. While some of these techniques have been common in malware distribution for some time, spammers are increasingly using them.”

Other findings in the report: phishing email activity decreased by 26% and web-based malicious threats increased by 1% compared to the previous month.

The winner of the “virus popularity prize” is W32.Sality.AE, a file infector that spreads by infecting executable files and by copying itself across network shares. Sality was the most frequently blocked virus.

Geographical trends highlighted in the study show that in China almost 90% of emails were blocked as spam, while South Africa remains the country most targeted by cyber thieves, with one in 133.1 messages being a phishing attempt.

Finally, an unexpected name took first place for malware-carrying email sent in September: in Hungary, one in 111 emails came with some sort of malicious component attached.